AgentSealAgentSeal

Blog

Security research and technical deep-dives from the AgentSeal team.

From Static Findings to Working Exploits: Runtime Validation of 6 High-Profile MCP ServersFeatured
Research

From Static Findings to Working Exploits: Runtime Validation of 6 High-Profile MCP Servers

Controlled lab testing of 6 MCP servers with 68K+ combined GitHub stars. Docker isolation, planted test data, three-run verification. Every flagged vulnerability was successfully exploited.

AgentSeal Research·March 28, 2026·0

Latest Posts

555 MCP Servers Have Toxic Data Flows. Here's What We Found.
Research

555 MCP Servers Have Toxic Data Flows. Here's What We Found.

Attack surface analysis of 5,125 MCP servers reveals 935 dangerous tool combination paths across 555 servers. Includes runtime probe data from 113 servers, CVE-based detection, and full methodology disclosure.

AgentSeal Research·March 20, 2026·0
We Scanned 1,808 MCP Servers. 66% Had Security Findings.
SECURITY RESEARCH

We Scanned 1,808 MCP Servers. 66% Had Security Findings.

A year of MCP breaches, real data from our registry, and why defense matters even when perfect security is not achievable.

AgentSeal Team·March 14, 2026·0
We Scanned 50 Cursor Rules Files From GitHub. 6 Had Hidden Instructions.
SECURITY RESEARCH

We Scanned 50 Cursor Rules Files From GitHub. 6 Had Hidden Instructions.

How zero-width Unicode characters, base64 payloads, and toxic data flows turn your AI coding agent into an attack vector.

AgentSeal Team·March 11, 2026·0